Cloudsmith now provides official upstream proxying and caching support for Chainguard Libraries for Javascript in your npm repositories. This integration enables customers to use Cloudsmith as the primary, secure distribution platform for Chainguard’s malware-resistant, built-from-source JavaScript dependencies. Key benefits Centralized distribut…
We’ve added the --show-all flag to the Cloudsmith CLI, which simplifies your automation scripts by eliminating the need for pagination logic…
You can now use the package publish date in Enterprise Policy Manager (EPM) for npm packages. This enables you to define policies that automatically quarantine new packages for a specific time period (e.g., two weeks) after release…
Cloudsmith’s Enterprise Policy Manager (EPM) now leverages Software Bill of Materials (SBOM) data to enable powerful, component-level policies for Docker and OCI container images…
Monitoring the software licenses in use across your organization is critical, and could help you avoid costly re-work in the future. Cloudsmith's web app now gives you a breakdown of your packages by license, and lists packages with no apparent software license…
You can now use Cloudsmith to proxy and cache packages from public Conda channels (upstreams). This update helps you create a single, reliable source of truth for all your Conda packages, combining your private packages with cached versions of the public upstreams you depend on…
We’ve added a new policy action to Enterprise Policy Management (EPM): Remove tag…
You can now use Cloudsmith’s package search syntax to refine the scope of your repository's retention rules when configuring them via the Cloudsmith web application and via the Cloudsmith Terraform provider. This functionality builds on the existing support to scope retention rules by package search syntax via the API, and makes it easier to target exactly which packages to keep or remove…
Today we are releasing a refreshed and re-architected documentation website for Cloudsmith…
The official Cloudsmith extension for Visual Studio Code is here. It brings your package visibility workflow directly into the IDE, allowing you to browse and inspect repositories and packages without switching context…
